GLobalMethodSecurityConfiguration security hotspots

Hello everyone,

I have scanned my code and I have a security hotspots about extends GlobalMethodSecurityConfiguration.
The fact is that I have override one function from this class.

Do you have any option or solution to this security become safe please ?

  public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
    private CustomPermissionEvaluator permissionEvaluator;

     * To handle the security Expression with CustomPermissionEvaluatorimplements.
     * @return
    protected MethodSecurityExpressionHandler createExpressionHandler() {
        DefaultMethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
        // expressionHandler.setParameterNameDiscoverer(new
        // AnnotationParameterNameDiscoverer(PathVariable.class.getName(), P.class.getName()));
        return expressionHandler;

Hello again @lnoel

This is the same rule / problem than in the other thread you created.

Thank you for your report.


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.